#include <windows.h> #include <iostream> #include <vector> #include <algorithm> #include <cstdlib> #include <comdef.h>

// 添加必要的防火墙接口声明 struct INetFwPolicy2; struct INetFwRules; struct INetFwRule;

// 定义Windows防火墙相关常量 static const CLSID CLSID_NetFwPolicy2 = {0xE2B3C97F,0x6AE1,0x41AC,{0x81,0x7A,0xF6,0xF9,0x21,0x66,0xD7,0xDD}}; static const IID IID_INetFwPolicy2 = {0xE2B3C97F,0x6AE1,0x41AC,{0x81,0x7A,0xF6,0xF9,0x21,0x66,0xD7,0xDD}};

// 过滤特殊地址（组播、广播等） bool isSpecialIP(const std::string& ip) { const char* bannedPrefixes[] = { "224.0.0", "239.255.255", "255.255.255", "172.21.91.255" }; const int count = sizeof(bannedPrefixes)/sizeof(bannedPrefixes);

for(int i=0; i<count; ++i) {
    if(ip.find(bannedPrefixes[i]) == 0) {
        return true;
    }
}
return false;

}

HRESULT CreateFWRule(const std::string& targetIP) { HRESULT hr = S_OK; INetFwPolicy2* pNetFwPolicy2 = NULL; INetFwRules* pFwRules = NULL; INetFwRule* pFwRule = NULL;

// 初始化COM
hr = CoInitializeEx(0, COINIT_APARTMENTTHREADED);
if (FAILED(hr)) return hr;

// 创建防火墙策略实例
hr = CoCreateInstance(CLSID_NetFwPolicy2, NULL, CLSCTX_INPROC_SERVER,
                      IID_INetFwPolicy2, (void**)&pNetFwPolicy2);
if (FAILED(hr)) goto Cleanup;

// 获取防火墙规则集合
hr = pNetFwPolicy2->get_Rules(&pFwRules);
if (FAILED(hr)) goto Cleanup;

// 创建规则对象
hr = CoCreateInstance(CLSID_NetFwRule, NULL, CLSCTX_INPROC_SERVER,
                      IID_INetFwRule, (void**)&pFwRule);
if (FAILED(hr)) goto Cleanup;

// 配置规则参数
BSTR bstrName = SysAllocString(L"Block Rule");
BSTR bstrDesc = SysAllocString(L"Block specific IP");
BSTR bstrIP = SysAllocString(CA2W(targetIP.c_str()));

pFwRule->put_Name(bstrName);
pFwRule->put_Description(bstrDesc);
pFwRule->put_Protocol(NET_FW_IP_PROTOCOL_ANY);
pFwRule->put_Direction(NET_FW_RULE_DIR_IN);
pFwRule->put_Action(NET_FW_ACTION_BLOCK);
pFwRule->put_Enabled(VARIANT_TRUE);
pFwRule->put_RemoteAddresses(bstrIP);

// 添加规则到集合
hr = pFwRules->Add(pFwRule);
if (FAILED(hr)) {
    std::cerr << "Failed to add rule for " << targetIP 
              << " (Error: 0x" << std::hex << hr << ")" << std::endl;
}

Cleanup: // 释放资源 SysFreeString(bstrName); SysFreeString(bstrDesc); SysFreeString(bstrIP); if (pFwRule) pFwRule->Release(); if (pFwRules) pFwRules->Release(); if (pNetFwPolicy2) pNetFwPolicy2->Release(); CoUninitialize(); return hr; }

int main() { // 需要过滤的IP列表 const char* rawIPs[] = { "172.21.91.1", "172.21.91.2", "172.21.91.3", // ... 其他IP ... "172.21.91.94", "172.21.91.255" }; const int ipCount = sizeof(rawIPs)/sizeof(rawIPs);

std::vector<std::string> ipList;
for(int i=0; i<ipCount; ++i) {
    ipList.push_back(rawIPs[i]);
}

// 应用过滤规则
ipList.erase(std::remove_if(ipList.begin(), ipList.end(), isSpecialIP), 
            ipList.end());

// 批量创建防火墙规则
for(std::vector<std::string>::iterator it = ipList.begin(); 
    it != ipList.end(); ++it) 
{
    std::cout << "Adding block rule for: " << *it << std::endl;
    HRESULT hr = CreateFWRule(*it);
    if (SUCCEEDED(hr)) {
        std::cout << "Successfully blocked " << *it << std::endl;
    }
}

// 后续清理命令
system("taskkill /im student.exe /f");
system("netsh advfirewall firewall delete rule name=\"NewCustomRule\"");
system("netsh advfirewall set allprofiles state off");

return 0;

}